Spammers are the bane of the web. I have seen web sites that use this format (in an ordinary paragraph) such as: "Send email to tom at server.com"

This would seem to confound a spammer but it is very inconvenient for the genuine visitor to the site. Is there a "fix" in HTML that blocks spammers without making life difficult for us others?

Mittineague
—
2008-09-18T02:11:45Z —
#2

IMHO it is better to not display your email address (or any other "too" personal information) online. I think a contact form, with adequate SPAM prevention safeguards in place, is better. Unless you are comfortable with your email's SPAM filtering, why risk it? Obfuscating your address from harvester bots is one thing, but once it gets on the lists, watch out.

felgall
—
2008-09-18T04:29:40Z —
#3

At least with a contact form that adds the email address afterwards - when your spam safeguards are bypassed you can change the safeguards in the form and block spam again until the next time it gets bypassed. With an address in the page no matter how encoded, once a spammer gets it the address becomes worthless.

Since some spammers employ people to examine web pages to find email addresses for them there is no form of in page email address that the spammmers can't get.

molona
—
2008-09-18T11:31:22Z —
#4

There are methods to obfuscate your e-mail address in order to make it a bit harder, such as using an image to show your address, or to write it as "example.at.example.com", and many others.

Unfortunately, there is not a safe method and no way to do it :(. Whenever a new system is developed, the spammers find a way to break it.

Agree with what said above. The safesest is to use a form and, probably, some kind of captcha. This will take some spam away, not all as some spam bots can already break that security.

Still, some companies do need to put their e-mail address... then I would suggest to use a generic account and a good spam filter, because obfuscating only create problems for the users.

That's what we call obfuscating the e-mail address... The result, in this case, will be as bad as simply writing your e-mail address directly. The reson being that your PHP page would be first interpreted by the server and then served to the browser. The result of that interpretation would be

<a href="mail@mail.com">Email Us</a>

This is what the browser will see, and this is the HTML that it will render to the user, showing him the link.

At least you tried, though, so keep it up

UglyDogDesigns
—
2008-09-18T14:13:51Z —
#7

molona said:

That's what we call obfuscating the e-mail address... The result, in this case, will be as bad as simply writing your e-mail address directly. The reson being that your PHP page would be first interpreted by the server and then served to the browser. The result of that interpretation would be

Edit: Holy crap do you guys realize how hard it was to post that without putting links?? This is what the topic is about! I really don't want to spam just to get above 10 posts just to be able to ask this question to stop spam to my email .. geeze..

shop_bright
—
2009-02-20T20:48:41Z —
#9

Why not just use a form? no need for any addresses at all?

kabo0m
—
2009-02-22T00:12:47Z —
#10

shop_bright said:

Why not just use a form? no need for any addresses at all?

Actually I am now looking into that myself.. since I am a noob really .. any suggestions for a safe but easy to use form?

just think of another email that is still inviting and accessible for those with javascript switched off.

Then inspect that Spam riddled email from time to time for real messages.Although chances are you won't get any ... Only Spam!

kabo0m
—
2009-02-22T01:35:41Z —
#12

Oh wow nice! I have an email client that offers "disposable?" email addresses that I could use as the alternative email and yet still check so this is perfect! Thanks!

Also I found this which is really cool if people don't want to use hgilbert's code exactly .. but nice I like it!

That one is also better than anything else I have found online because I was just told this:

all the javascript is useless vecause bots use aprint command now wich cancels anything that isnt in the code but still prints... the only thing that is secured in that sence is a code that sends a POST command to a cgi or pmp code (non readable) and then that php code or cgi has your email and handles the sendmail.

Wow! I guess that would mean that even this site wouldn't be good enough: